1. Field of the Invention
The present invention generally relates to a method of managing confidential data and to partitioning access to confidential data maintained in an abstract database based on user activity.
2. Description of the Related Art
Databases are computerized information storage and retrieval systems. A relational database management system is a computer database management system (DBMS) that uses relational techniques for storing and retrieving data. The most prevalent type of database is the relational database, a tabular database in which data is defined so that it can be reorganized and accessed in a number of different ways.
Regardless of the particular architecture, in a DBMS, a requesting entity (e.g., an application, the operating system or a user) demands access to a specified database by issuing a database access request. Such requests may include, for instance, simple catalog lookup requests or transactions and combinations of transactions that operate to read, change and add specified records in the database. These requests are made using high-level query languages such as the Structured Query Language (SQL). The term “query” denominates a set of commands for retrieving data from a stored database. Queries take the form of a command language that lets programmers and programs select, insert, update, find out the location of data, and so forth.
One of the issues faced by data mining and database query applications, in general, is their close relationship with a given database schema (e.g., a relational database schema). This relationship makes it difficult to support an application as changes are made to the corresponding underlying database schema. Further, the migration of the application to alternative underlying data representations is inhibited. In today's environment, the foregoing disadvantages are largely due to the reliance applications have on SQL, which presumes that a relational model is used to represent information being queried. Furthermore, a given SQL query is dependent upon a particular relational schema since specific database tables, columns and relationships are referenced within the SQL query representation. As a result of these limitations, a number of difficulties arise.
One difficulty is that changes in the underlying relational data model require changes to the SQL foundation that the corresponding application is built upon. Therefore, an application designer must either forgo changing the underlying data model to avoid application maintenance or must change the application to reflect changes in the underlying relational model. Another difficulty is that extending an application to work with multiple relational data models requires separate versions of the application to reflect the unique SQL requirements driven by each unique relational schema. Yet another difficulty is evolution of the application to work with alternate data representations because SQL is designed for use with relational systems. Extending the application to support alternative data representations, such as XML, requires rewriting the application's data management layer to use non-SQL data access methods.
A typical approach used to address the foregoing problems is software encapsulation. Software encapsulation involves using a software interface or component to encapsulate access methods to a particular underlying data representation. An example is found in the Enterprise JavaBean (EJB) specification that is a component of the Java 2 Enterprise Edition (J2EE) suite of technologies. In the case of EJB, entity beans serve to encapsulate a given set of data, exposing a set of Application Program Interfaces (APIs) that can be used to access this information. This is a highly specialized approach requiring the software to be written (in the form of new entity EJBs) whenever a new set of data is to be accessed or when a new pattern of data access is desired. The EJB model also requires a code update, application build and deployment cycle to react to reorganization of the underlying physical data model or to support alternative data representations. EJB programming also requires specialized skills; since more advanced Java programming techniques are involved. Accordingly, the EJB approach and other similar approaches are rather inflexible and costly to maintain for general-purpose query applications accessing an evolving physical data model.
Additional difficulties arise when one entity acts as a service provider for multiple, sometimes competing, accounts. For example, a provider may offer database storage, query and retrieval services to multiple competing entities. Although necessary, it is not sufficient for the database services provider to ensure that data belonging to one entity is protected from access by others. First, competing entities sometimes wish to share limited amounts of data related to a particular joint venture. By engaging in cooperative and joint ventures, many business entities necessarily share data with one another. Thus, simply segregating access to data by entity is inadequate.
Further, the service provider may provide services to entities that are themselves competitors. As agents of the service provider work with one entity (e.g. providing consulting services), they may be exposed to confidential data belonging to one account. Although an employee may be authorized to access the data from any one account, very few employees should be able to access the data from two or more competitors' accounts. Having access to the data from two accounts creates two problems. First, agents of the service provider may intentionally compromise information belonging to one account at the expense of another. In other words, data theft may occur. Second, having access to information from multiple accounts may create conflicts of interest. That is, agents of the service provider should not be allowed to consult with one client while having insider knowledge of the plans, status or standing of a competing account.
An additional problem is that information leakage may corrupt a company's intellectual property rights. For example, serious problems of ownership and conception arise when the ideas, data, or results generated by one group of researches leak into another. This may happen accidentally if a consultant becomes exposed to ideas from two competing projects and assumes that the ideas may be freely used in either.
Accordingly, there is a need for improved and more flexible methods for accessing data that are not limited to the particular manner in which the underlying physical data is represented. Further, such methods should provide for the security of confidential data and prevent access to confidential data by individuals that would lead to conflicts of interest or other inappropriate disclosures.